googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, April 5, 2022
    9:00 am
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    Attendees are eligible to receive 12 CPE credits (including the 6 CPES from the Conference Pass).

    Ransomware is a specific and extremely harmful type of malware used by cybercriminals to extort money from individuals, organizations, and businesses. The infections block access to your data until you make a ransom payment, at which point you’re supposed to regain access. In reality, nearly 40% of the victims who pay the ransom never get their data back and 73% of those who pay the ransom are targeted again later – which is why everyone must protect against ransomware. In the past year, targeted ransomware attacks against government agencies, educational establishments, and healthcare providers have raised the stakes for those charged with protecting organizations. Ransomware attacks not only damage business, but also put health, safety, and lives at risk.

    Active Directory has become a popular pathway for ransomware attacks. The main reason cybercriminals target Active Directory is because it serves as a gateway to the rest of the network as a service for managing, networking, grouping, authenticating, and securing users across corporate domain networks. Users and computers rely on Active Directory to access various network resources. As such, cybercriminals understand that ransomware attacks on Active Directory can wreak havoc on any organization, making it an excellent extortion mechanism.

    In the fight against ransomware, organizations need to strategically prepare to protect against and respond to attacks. However, many IT organizations struggle to prioritize the appropriate initiatives to combat and mitigate the impact of ransomware. With more tools, technologies and processes than ever, a comprehensive ransomware security program is a must to help detect, prevent, respond and limit the overall exposure to ransomware and other destructive attacks. This comprehensive training course will help organizations to design, build, and manage a comprehensive Ransomware Security Program.

    Part 1: Ransomware Overview (90 Minutes)

    1.1 – Background & Introduction

    • What is ransomware?
    • How do ransomware attacks work?
    • How ransomware attacks have evolved (2016) – WannaCry and Petya / NotPetya
    • How ransomware attacks have evolved (2021) – REvil and Ryuk
    • Top six Ransomware Attacks of 2021 / 2022

    1.2 – Today’s Ransomware Problem

    • Human Operated Ransomware Attacks (Double Extortion)
    • Supply Chain Attacks
    • Ransomware as a Service (RaaS)
    • Attacking Unpatched Systems
    • Phishing Emails
    • Penetration Testing Tools (Cobalt Strike)

    1.3 – Ransomware Attacks against Information Technology (IT) Networks and Systems

    • Ransomware attack stages (initial access, lateral movement, privilege escalation, extortion, encryption)
    • The Ireland Health Service Elective (HSE) ransomware attack
    • How Conti Ransomware works
    • Lessons learned from the HSE Ransomware Attack

    1.4 – Ransomware Attacks against Operational Technology (OT) Networks and Systems

    • Ransomware attack stages (initial access, lateral movement, privilege escalation, extortion, encryption)
    • The Colonial Pipeline ransomware attack
    • How DarkSide Ransomware works
    • Lessons learned from the Colonial Pipeline Ransomware Attack

    Part 2: Understanding Ransomware Attacks (90 Minutes)

    2.1 – The MITRE ATT&CK Framework

    • What are the current Attack Models and how do they work?
    • What is the MITRE ATT&CK Framework?
    • What are MITRE Tactics?
    • What are MMITRE Techniques?
    • What are MITRE Procedures?
    • What is the MITRE D3FEND Matrix?

    2.2 – Mapping Ransomware Tactics, Techniques, Procedures (TTPs) to MITRE ATT&CK

    • Mapping REvil Ransomware to the MITRE ATT&CK Framework
    • Mapping Conti Ransomware to the MITRE ATT&CK Framework
    • Mapping Maze Ransomware to the MITRE ATT&CK Framework
    • Mapping Ryuk Ransomware to the MITRE ATT&CK Framework
    • Mapping DarkSide Ransomware to the MITRE ATT&CK Framework

    2.3 – Pen Testing Tools and the MITRE ATT&CK Framework

    • The Pen Testing Execution Standard (PTES)
    • NIST SP 800-115 Technical Guide to Information Security Testing and Assessment
    • The Cobalt Strike Penetration Testing Platform
    • Mapping Cobalt Strike to the MITRE ATT&CK Framework

    2.4 – Understanding Cyber Threat Intelligence (CTI)

    • What is Cyber Threat Intelligence (CTI)?
    • How does Cyber Threat Intelligence Work?
    • Who are the main providers of Cyber Threat Intelligence?
    • What are the main themes of Cyber Threat Intelligence in 2021?

    Part 3: Building a Ransomware Security Program (90 Minutes)

    3.1 – Ransomware Security Controls / Guides

    • CISA_MS-ISAC Ransomware Guide
    • Higher Education Ransomware Playbook
    • CSBS Ransomware Self-Assessment Tool
    • NIST IR 8374 – NIST Cybersecurity Framework (CSF) Guidance on Ransomware
    • US Government Interagency Technical Guidance – How to Protect your Networks from Ransomware
    • Canadian Centre for Cyber Security Ransomware Playbook

    3.2 – NIST SP 1800 Practice Guides on Ransomware

    • NIST SP1800-25 – Identifying and Protecting Assets Against Ransomware and Other Destructive Events
    • NIST SP 1800-26 – Detecting and Responding to Ransomware and Other Destructive Events.
    • NIST SP 1800-11 – Recovering from Ransomware and Other Destructive Events

    3.3 – Free Cybersecurity Tools and Services > https://www.cisa.gov/free-cybersecurity-services-and-tools

    • Tools that focus on reducing the likelihood of a damaging cyber incident
    • Tools that focus on detecting malicious activity quickly
    • Tools that focus on responding effectively to confirmed incidents
    • Tools that focus on maximizing resilience to a destructive cyber event

    3.4 – Building a Ransomware Security Program

    • Cybersecurity Program Assessment: based on CIS Security Controls Scorecard
    • Ransomware Program Assessment: based on CISA MS-ISAC Ransomware Controls Scorecard
    • Develop a Plan of Action and Milestones (POA&M)
    • Document an Executive Summary
    • Conduct Read Team, Blue Team, Purple Team and Table-Top Exercises
  • Wednesday, April 6, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:15 pm
    Location / Room: Registration Counter / Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Topic: Succession Planning for the CISO
    speaker photo
    CISO, Veterans United Home Loans
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:20 am
    Location / Room: Courtyard 7

    Randy Raw will moderate a discussion on succession planning for your organization’s CISO.

    This roundtable is for SecureWorld Advisory Council members only.

    7:30 am
    ISSA Chapter Meeting
    • session level icon
    Topic: Latest DDoS Trends and the Ransom-Driven Attacks | Open to all attendees
    speaker photo
    WiCys Kansas City Metroplex, President
    speaker photo
    President, ISSA KC Chapter
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 8:20 am
    Location / Room: Courtyard 6

    Dr. Cheryl Cooper will present, “Latest DDoS Trends and the Ransom-Driven Attacks.” Summary: DDoS attacks have dominated the charts in terms of frequency, sophistication, and geo-distribution over the last year. Ransom DDoS attacks—that, unlike ransomware attacks, do not even require the hacker to access an organization’s internal systems before they can be carried out—are also surging, crippling organizations’ network infrastructure, and taking them offline demanding ransom in the Bitcoin.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:15 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:30 am
    [Opening Keynote] From Incident Response to Cyber Counterintelligence
    • session level icon
    A New Hope for Cyber Defenders
    speaker photo
    CISO, Dolby Laboratories
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Key Takeaways:

    • Why our current detection and response best practices will never be effective and will only lead to more breaches and more burnout
    • How to think like a counterintelligence officer instead of an incident responder
    • Why there is a new hope to win this fight

    For over 20 years, organizations have struggled with Security Incident Response, and we hear constantly about the challenges: floods of data beyond human comprehension, complex systems, inadequate tools (SIEM anyone?), shortage of skilled cyber defenders, etc.

    Many point to AI as the next silver bullet that will solve all our problems, but will it?

    The root cause of the issue is not a technology problem but rather an approach. As cyber defenders, we should move from Reactive Incident Response to Proactive Cyber Counterintelligence as a means to defend forward.

    In this talk, Yaron Levi, Cyber Defender and 2 times CISO will suggest a new defense approach that is based on counterintelligence and counterterrorism practices. Topics will include:

    • The challenges of incident response
      First, we will start with exploring the challenge with common incident response practices, including: complexity, data overload, not understanding the attackers’ perspective, and why more visibility not only doesn’t help you but in fact hurts you.
    • The fallacy of IOC visibility and why cyber defenders are burning out
      We will discuss the deep-seated fear that all Cyber Defenders have, in the back of their mind, to be exposed as incompetent and how that fear combined with flood of alerts cause anxiety, burnout, and depression.
    • Why Cyber Counterintelligence?
      We will explore the shortcomings of a reactive Incident Response, and introduce the concept of using counterintelligence practices to proactively identify and neutralize security threats, way before they escalate to an “incident.”
    • Why cyber defenders need to think like the terrorists and not like the soldiers
      We will explore the different mindsets of attackers and defenders and will suggest a new approach for Cyber Defenders.
    9:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:15 am - 9:45 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:45 am
    [Panel Discussion] Building Diverse Organizations at all Levels of the Ecosystem
    • session level icon
    Closing the Gender and Race Gap in Cybersecurity
    speaker photo
    WiCys Kansas City Metroplex, President
    speaker photo
    Technology Leader, I/O Psychologist
    speaker photo
    Director, Global Cyber Governance Center, Cboe Global Markets
    speaker photo
    Lead, Security Awareness; Sr. Engineer, Information Security & Risk, Cardinal Health
    speaker photo
    Communications Specialist, Big 12 Now / ESPN+
    Registration Level:
    • session level iconConference Pass
    9:45 am - 10:30 am
    Location / Room: Keynote Theater

    Key Takeaway:
    Learn the systemic issues with causations and effects that lead to a lack of diverse workforces in cybersecurity, and strategies for recruitment and retention by working together to remove barriers.

    Women and people of color remain underrepresented in cybersecurity; women represent only 6 percent of CEOs in America’s largest companies. The ability to retain a quality and diverse workforce is essential in stemming the persistent gender and racial gap in STEM professions. Information technology jobs pay 20% to 30% more than other jobs, and yet there is a significant shortage of skilled technology workforce. The gap between demand and supply in Cybersecurity is even more significant. There are 3.5 million Cybersecurity jobs that need to be filled in 2022. This presents an opportunity for IT and Cybersecurity to take the lead in closing the gap by attracting and developing a diverse workforce of practitioners and leaders to build the workforce of the future. So, what can organizations and leaders do to retain women and people of color in the profession? We will discuss strategies and practices for recruiting and retaining diverse talent, especially in this era of the “great resignation.”

    9:45 am
    Practical Cyber Hygiene
    • session level icon
    speaker photo
    VP of Security Services, Novacoast
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am
    Location / Room: Courtyard 4

    Security is hard, with all of the noise in the industry and more startups and point solutions than you can ever look at, what should you be focused on? We’ve been in the security industry for over 25 years and we’ve seen trends and built up security programs for small businesses and large global enterprises over that time. In this session we’ll cover key evolutions in the industry and what that means for you.

    9:45 am
    CNAPP: Finding the Worst Security Risks
    • session level icon
    speaker photo
    Enterprise Solutions Engineer, Wiz
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am
    Location / Room: Courtyard 5

    Are you familiar with the new category of CNAPP? Security challenges in the Cloud are different than those that exist on perm, but the overall processes to build and maintain a secure environment are the same. A cloud-native application protection platform is a simplified security architecture that enables enterprises to holistically benefit from the cloud-native ecosystem. It enables them to leapfrog the cost and complexity of siloed security products to a continuous security fabric without major investments in tools or developer talent. Learn first hand from the experts on the ROI/Benefits of CNAPP and real-world approaches to deploying in your existing environment.

    10:40 am
    They Were Here, Now They're Everywhere: Leading Distributed Teams
    • session level icon
    speaker photo
    Associate CISO, The University of Kansas Health System
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am
    Location / Room: Courtyard 4

    It’s no secret that many organizations abruptly shifted to a remote workplace model when the COVID-19 pandemic swept the globe. As leaders cope with the aftermath of the strangest time of their lives, they now consider what the workforce of the future looks like. Although the long-term answer will vary, one thing is certain: more organizations are embracing a dispersed workforce. Some leaders are concerned how they will continue to build and lead effective teams when many of our tried-and-true tactics are obsolete. While many have overcomplicated remote leadership, all we really need are four basic principles for success.

    10:40 am
    The Coming Cyberspace Cold War with Russia
    • session level icon
    speaker photo
    Chief Security Advisor, SentinelOne
    Registration Level:
    • session level iconOpen Sessions
    10:40 am - 11:25 am
    Location / Room: Courtyard 5

    There’s a very good reason Russia has not deployed their latest cyber weapons against Ukraine. They’re saving them for the United States in what may be the beginning of a modern cold war played out in cyberspace. NATO has declared cyber to be an operational domain, and subject to Article 5 in case of a “massive” cyber attack. But what does “massive” mean? Russia will play the fringes in the gray space of policy to conduct low-intensity warfare, using their tools and tactics refined against adversaries like Ukraine. The result? Unrestricted warfare against our critical infrastructure, espionage operations targeting the software supply chain, and new cyberweapons.

    10:40 am
    Security Awareness: Focusing on What Users Can Do
    • session level icon
    speaker photo
    Sr. Information Security Analyst, Veterans United Home Loans
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am
    Location / Room: Courtyard 3

    Security Awareness programs today can provide an overwhelming array of tools and content for their users, but what happens if the content in question is not what users need or even care to learn? You’re left with a secure program that’s not raising awareness in it’s intended function. So, how do you fix it?

    In this session you’ll learn how you can build a Security Awareness Program that does more than check boxes for compliance reports, what tools need to be brought before your users, and how to grab busy and distracted users’ attention. Come on by as we share examples of successful tactics we’ve first hand implemented through our Veterans United Home Loans Security Awareness campaign.

    11:30 am
    [Lunch Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    speaker photo
    Sr. Special Agent, Cyber Crime Unit, United States Secret Service
    speaker photo
    Network Intrusion Forensic Analyst, United States Secret Service
    speaker photo
    Principal Security Program Manager, Microsoft
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:30 pm
    Location / Room: Keynote Theater
    11:30 am
    Advisory Council Roundtable Lunch – (VIP / Invite only)
    • session level icon
    Topic: Reporting to the Board
    speaker photo
    VP / Global CISO, Avnet
    Registration Level:
    • session level iconVIP / Exclusive
    11:30 am - 12:30 pm
    Location / Room: Courtyard 7

    Carraig Stanwyck will moderate a discussion on reporting to the Board of Directors.

    This roundtable is for SecureWorld Advisory Council members only.

    12:30 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:00 pm
    [Panel] Cloud: Doing More with Less
    • session level icon
    speaker photo
    Sr. Solutions Architect, ReliaQuest
    speaker photo
    CIO / CTO, Summit Carbon Solutions
    speaker photo
    Sr. Security Architect, Capgemini
    speaker photo
    Director of Information Security & Privacy Officer, Children International
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Courtyard 3

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    1:00 pm
    [Panel] The Current Threat Landscape
    • session level icon
    speaker photo
    Director, Solutions Architect, Deepwatch
    speaker photo
    Principal Security Engineer, Salt Security
    speaker photo
    Sr. Director, Product Marketing , Recorded Future
    speaker photo
    Enterprise Sr. SE Manager, Abnormal Security
    speaker photo
    Director of Information Security | CISO, Uniti Group Inc.
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Keynote Theater

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    1:00 pm
    Women in Security Kansas City (WiS-KC) Informational Meeting
    • session level icon
    speaker photo
    Women in Security KC, President
    speaker photo
    Information Security Analyst, Ascend Learning
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Courtyard 6

    A panel discussion among leaders of WiS-KC. https://www.wiskc.org

    2:00 pm
    A Look into Third-Party Risk Management (TPRM) for FinTechs and Startups
    • session level icon
    speaker photo
    Manager, Third-Party Risk Management, Synctera
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    Location / Room: Courtyard 5

    Key Take-away:
    How to navigate the establishment of a TPRM program for FinTechs and Startups with simplicity.

    You have a great idea, you pitch it and the investors love it, you received your first (or second) round of funding, but now you are left stumped. A sponsor is asking you how are you managing the risk of your third parties. You think, I don’t have any “third parties” then you remember your cloud service provider, you connected APIs, the applications your employees (hopefully) installed via legitimate channels, the open-source software used in the development, and all the unknowns. You are left thinking you may have just opened Pandora’s box. How do you navigate this process, now, tomorrow, and into the future?

    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    2:00 pm
    Incident Response: Look Who's Talking
    • session level icon
    speaker photo
    Americas Lead for Human Cyber Risk and Education, EY
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    Location / Room: Courtyard 3

    Key Takeaway:
    Learn the essential elements of crisis communications and reputation control for the cybersecurity team and the elements not exercised in most Incident Response plans.

    The ability to control the narrative during a cyber event will shape public perception of the company’s preparedness for a cyber event. In a cyber crisis, for everyone outside of the technical teams, perception is reality, and that reality may affect the company’s reputation long after the incident is over. Businesses have a significant reliance on technology; a breach of customer trust can be just as devastating as a network breach. Employees who are unsure of the circumstances will not hesitate to share on social media. Does the Incident Response plan account for reputation control? How will the company handle crisis communications during a cyber incident?

    2:00 pm
    Seize the Breach: Why Breaches Still Occur and How to Mitigate Them
    • session level icon
    speaker photo
    Principal Engineer, Exabeam
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm
    Location / Room: Courtyard 4

    Breaches happen and 2021 was a record-breaking year for them. According to Identity Theft Resource Center (ITRC) research, there were 1,291 breaches publicly reported in 2021 as of Sept. 2021 compared to 1,108 breaches in 2020; that’s a 17% year-over-year increase. Meanwhile, millions are spent on security operations centers that aren’t stopping the breaches from happening. Join us for a discussion on:

    • Why SOC and security teams are way too limited by legacy SIEM
    • How machine learning-driven analytics and automation technologies provide unmatched threat detection, investigation, and response (TDIR) capabilities so security teams can respond more quickly and accurately to seize the breach and mitigate damage.
    • A simple maturity model based on outcomes and use cases that can vastly improved Security Operations
    2:45 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:45 pm - 3:15 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:15 pm
    [Closing Keynote] CISO Panel: The Future of Work
    • session level icon
    speaker photo
    CISO, Veterans United Home Loans
    speaker photo
    CIO / CTO, Summit Carbon Solutions
    speaker photo
    Global BISO & Director of Business Partnership, Cardinal Health
    speaker photo
    CISO, Dolby Laboratories
    speaker photo
    Director, Cybersecurity & IT Infrastructure, Burns & McDonnell
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 4:00 pm
    Location / Room: Keynote Theater
Exhibitors
  • Abnormal Security
    Booth: 520

    Abnormal is the most precise human behavior security engine for blocking all email attacks, including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.
    Secure email gateways and built-in Microsoft and Google security struggle to block email attacks that pass reputation checks, have no URLs or attachments, and appear to come from trusted sources.

    Only Abnormal uses behavioral AI to profile known good behavior and analyzes over 45,000 signals to detect anomalies that deviate from these baselines, delivering maximum protection for global enterprises.

  • Appgate
    Booth: 360

    Appgate is an industry leader in secure access solutions. We aim to change cybersecurity for the better by making it simpler for users and operators and harder for adversaries. We work hard to understand how cybercriminals operate, so that we can build the best secure access solutions as a defense. Our solutions help enterprises make sure the right people connect to the resources they need without friction. At the same time, the wrong people are kept out, which reduces the attack surface. Global enterprises and governments use our solutions to provide secure access for any user, on any device to any application, whether in the cloud, on-premise, or hybrid.

  • Cloud Security Alliance (CSA)
    Booth: 300

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Corelight
    Booth: 180

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • Critical Start
    Booth: 420

    Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.

  • Cybercrime Support Network
    Booth: n/a

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • deepwatch
    Booth: 400

    deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry. Designed to be different, deepwatch provides customers with world-class managed security services and unrivaled value by extending their cybersecurity teams, curating leading technologies into deepwatch’s cloud SecOps platform, and proactively driving their SecOps maturity.

  • Entrust
    Booth: 500

    Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.

  • Exabeam
    Booth: 200

    Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations.

  • InfraGard Kansas City
    Booth: 195

    InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.

    The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.

  • ISACA Kansas City
    Booth: n/a

    Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.

  • ISC2 Kansas City Chapter
    Booth: 220

    The mission of ISC2 Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.

    “We” began as a few security-minded friends that worked together.  We decided to quit talking about launching a local ISC2 chapter in Kansas City or worse yet, wait around for someone else to do it for us.  We stepped up and took the initiative.  We have been growing as others hear about our group and join with us.

  • ISSA Central Plains Chapter
    Booth: 190

    The Information Systems Security Association (ISSA) ® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
    MEETINGS
    General Meetings are held monthly on the first Friday of the month. These meetings may have some type of formal presentation. In the absense of a presentation, the meeting will focus on a roundtable discussion based on the 8 domains of the CISSP CBK.

    Location: Friends University Business & Technology Bld 
    Corner of Hiram & Maple, Wichita, KS 67213
  • ISSA Kansas City
    Booth: 190

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

  • KC Tech Council
    Booth: n/a

    The KC Tech Council represents Kansas City’s tech industry, a diverse ecosystem anchored by multinational corporations and driven by innovative entrepreneurs, with industry footholds in Healthcare IT, Telecommunications, Digital Media, and more.

    In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.

    The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.

    The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.

  • KU – Edwards Campus
    Booth: n/a

    The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.

  • Novacoast
    Booth: 580

    A uniquely positioned IT services and solutions company, Novacoast is less defined by our broad range of expertise and services than by a perspective rooted in our cooperative environment of adaptable problem solving.

    Beyond security specialists, software developers or network engineers, we are guides, allies, and problem solvers.

    From implementation services, license fulfillment and technical training to software development, staffing services and custom or emerging solutions, Novacoast is an experienced and comprehensive IT business resource empowered on every level by our flexible and fearless perspective.

  • Okta
    Booth: 160

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Onspring Technologies, LLC
    Booth: 340

    Onspring Technologies was founded in 2010 with a simple idea: to empower business people to innovate and solve problems for themselves.

  • Recorded Future
    Booth: 480

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth: 460

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • ReliaQuest
    Booth: 140

    ReliaQuest, the force multiplier of security operations, increases visibility, reduces complexity, and manages risk with its cloud native security operations platform, GreyMatter. ReliaQuest’s GreyMatter is built on an open XDR architecture and delivered as a service anywhere in the world, anytime of the day, by bringing together telemetry from tools and applications across cloud, on-premises and hybrid cloud architectures. Hundreds of Fortune 1000 organizations trust ReliaQuest to operationalize security investments, ensuring teams focus on the right problems while closing visibility and capability gaps to proactively manage risk and accelerate initiatives for the business. ReliaQuest is a private company headquartered in Tampa, Fla., with multiple global locations. For more information, visit www.reliaquest.com.

  • Salt Security
    Booth: 320

    Salt Security delivers an API Threat Protection solution focused on securing the ubiquitous APIs connecting everything from web and mobile applications to microservices and IoT devices. These are the APIs that you develop and own and are at the core of connecting your applications and data.

    Salt Security was founded in 2016 by alumni of the Israeli Defense Forces (IDF) to deliver the first, patented API Protection platform to secure APIs. Salt Security deploys in minutes, automatically learns your unique APIs, and requires no configuration or customization to help you protect and improve your API security.

  • SecKC
    Booth: n/a

    For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.

  • Cyber Fraud Task Force – U.S. Secret Service
    Booth: 590

    Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.

  • SentinelOne
    Booth: 440

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Sonatype
    Booth: 390

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Synopsys
    Booth: 380

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth: n/a

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Wiz
    Booth: 560

    We’re on a mission to help organizations effectively reduce risks in their Cloud environments. Purpose-built for the unique complexities of multi-environment, multi-workload, and multi-project cloud estates, Wiz automatically correlates the critical risk factors to deliver actionable insights  that don’t waste time.

    Wiz connects in minutes using a 100% API-based approach that scans both platform configurations and inside every workload. Our full security stack context surfaces the toxic combinations that show the attackers’ view to a breach. Security and DevOps teams use Wiz workflows to proactively remove risks and prevent them from becoming breaches. For more information, visit www.wiz.io.

  • Women in CyberSecurity (WiCyS)
    Booth: n/a

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

  • Women in Security – Kansas City
    Booth: 490

    Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Randy Raw
    CISO, Veterans United Home Loans

    Randy Raw is Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

  • speaker photo
    Dr. Cheryl Cooper, CISSP
    WiCys Kansas City Metroplex, President

    Dr. Cooper holds a doctorate in Computer Science. She holds a Master of Science in Criminal Justice and a Master of Arts in Business Administration. She has earned several security certifications; Certified Information System Security Professional (CISSP), Certified Information Systems Security Auditor (CISSA), and Certified Data Privacy Solutions Engineer (CDPSE). Dr. Cooper is employed with T-Mobile Corporation as a Security Risk Manager. She has 20 years of telecommunications and Cyber security experience. She is also an adjunct professor teaching course curriculum under Cyber Security degree programs with the University of Wisconsin and University of New York. She sits on multiple cybersecurity boards and is an advocate for equal opportunity for women and minorities in STEM careers. She is passionate about helping others and has demonstrated this through her community works, as well as being the recipient of multiple awards for being a champion and a bridge builder.

  • speaker photo
    Naeem Babri
    President, ISSA KC Chapter

    Naeem Babri is a cybersecurity practitioner who works at T-Mobile, focusing on cyber risk assessments, information security, and cyber security controls. Naeem has worked in IT and cybersecurity for the last 20+ years. His expertise in information security, IT operations, and support has led to various roles at T-Mobile, formerly Sprint. His various Board services include serving as President and advisor of ISSA-KC since 2014, board member for InfraGard, and as an advisor for various conferences. Naeem is an avid runner, enjoys photography, and is an arts patron in addition to his various community projects. He holds a Master's degree in Computer Resource Management and a Bachelor of Science in Mathematics and Computer Science.

  • speaker photo
    Yaron Levi
    CISO, Dolby Laboratories

    Yaron Levi is the CISO for Dolby Laboratories. Prior to joining Blue KC, he was CISO of Blue Cross and Blue Shield of Kansas City; a Director of Information Security for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; and a Director of Cloud Security for ANX. Yaron is a Research Fellow for the Cloud Security Alliance, serves as an advisory board member for several information security companies, and is co-founder of the Kansas City CISO forum. He graduated from the FBI CISO academy in 2018, and currently serves on the board of InfraGard KC.

  • speaker photo
    Dr. Cheryl Cooper, CISSP
    WiCys Kansas City Metroplex, President

    Dr. Cooper holds a doctorate in Computer Science. She holds a Master of Science in Criminal Justice and a Master of Arts in Business Administration. She has earned several security certifications; Certified Information System Security Professional (CISSP), Certified Information Systems Security Auditor (CISSA), and Certified Data Privacy Solutions Engineer (CDPSE). Dr. Cooper is employed with T-Mobile Corporation as a Security Risk Manager. She has 20 years of telecommunications and Cyber security experience. She is also an adjunct professor teaching course curriculum under Cyber Security degree programs with the University of Wisconsin and University of New York. She sits on multiple cybersecurity boards and is an advocate for equal opportunity for women and minorities in STEM careers. She is passionate about helping others and has demonstrated this through her community works, as well as being the recipient of multiple awards for being a champion and a bridge builder.

  • speaker photo
    Dr. Margery Sendze
    Technology Leader, I/O Psychologist

    Dr. Sendze is a technology leader with more than 20 years of delivering business value by enabling high-performing teams. Dr. Sendze currently serves as a technology manager and leverages organizational psychology to drive organizational change and talent engagement and retention strategies in the technology workforce. She holds a B.A and an M.A. in communications and a Ph.D. in industrial and organizational psychology. Marge is a self-described people champion and an advocate for creating environments that promote the inclusion, participation, and retention of girls/women and people of color in STEM. Dr. Sendze is also a certified diversity coach and an adjunct faculty. She serves on the KU Edwards Workforce Advisory Board and is an active member of various initiatives in the KC STEM community.

  • speaker photo
    Christine Gordon
    Director, Global Cyber Governance Center, Cboe Global Markets

    Christine is an Information Security leader with experience in the security, governance, and technology domains. Christine is currently the Director of the Global Cyber Governance Center at Cboe Global Markets, one of the world’s largest exchange holding companies. Christine holds a Master's in Management and Leadership from Webster University, with an B.S. in Management Information Technology. She is a Certified Information Systems Auditor (CISA) and Certified Data Privacy Solutions Engineer (CDPSE) under the governing body of ISACA where she serves as a Board Member of the KC Chapter and is CompTIA Security + certified.

  • speaker photo
    April Boyd-Noronha
    Lead, Security Awareness; Sr. Engineer, Information Security & Risk, Cardinal Health

    April, also known as The STEM Broker, is currently the Global Diversity & Inclusion Advisor and Board Member of the XR Safety Initiative (XRSI), the first global non-profit with the mission of helping build safe and inclusive realities. In her role, she continues to advise the CyberXR Coalition, launched by XRSI, where she helped lead the launch of the Immersive Technology Standards as a baseline for developing a new mindset for immersive tech which featured four pillars: diversity and inclusion, ethics, trust and safety, and accessibility.

    April has over 20 years of experience in academia and advanced technologies as an author, global keynote speaker, thought leader, and advisor on emerging trends and the future of work on diversity, equity, inclusion, and accessibility of historically marginalized populations. She also is the Program Director and Professor of Cybersecurity at the University of Saint Mary in Leavenworth, Kansas. April is the first Black elected school board member of the Shawnee Mission School District (SMSD) and is committed to ensuring that “diversity is the strength” of SMSD. She is the parent of three children who all are pursuing a STEM career track in cybersecurity, engineering, and drone piloting.

  • speaker photo
    Moderator: Kennetra Pulliams
    Communications Specialist, Big 12 Now / ESPN+

    Kennetra Pulliams has more than 20 years of experience as a broadcast journalist. She graduated from The University of Texas at Austin. Her career has taken her from Texas to Virginia to Kansas City. Kennetra spent more than a decade working at Spectrum Sports, a regional broadcast network. There, she had to opportunity to cover the Kansas City Royals back to back World Series runs; The Kansas Jayhawks 2008 NCAA basketball National Championship season, and subsequent Final Four appearances; the Kansas City Chiefs recent Super Bowl seasons; three Major League Baseball All Star Games and countless high school state championships. Since 2018, Kennetra has worked with Big 12 Now on ESPN Plus to provide extensive coverage of KU Athletics to more than 17 million subscribers, nationwide. Outside of work, Kennetra serves as a director and videographer in the church’s Audio/Video ministry at Canaan Worship Center.

  • speaker photo
    Jon Poon
    VP of Security Services, Novacoast

    Jon's background is in Computer Science and was a software developer building web and mobile applications before moving into the security industry. He has been working with SIEM technologies for over a decade and has worked with hundreds of customers over that time building out SOC and SOC teams.

  • speaker photo
    Justin Quinn
    Enterprise Solutions Engineer, Wiz
  • speaker photo
    Michael Meis
    Associate CISO, The University of Kansas Health System

    Michael is an Army veteran with over 13 years' experience and has a passion for architecting security programs, leading people, and developing world-class security teams. During his career, Michael previously partnered with the USDA CISO to develop one of the largest consolidations of security services in the federal government. Michael also led the H&R Block Information Security team through a transformation of their GRC operations to instill quantitative cyber risk management practices. Michael currently leads The University of Kansas Health System Cybersecurity team as they protect the critical systems, data, and people that provide lifesaving patient care.

  • speaker photo
    Morgan Wright
    Chief Security Advisor, SentinelOne

    Morgan is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security and intelligence. He currently serves as Chief Security Advisor for SentinelOne, Senior Fellow at The Center for Digital Government, and is the chief technology analyst for Fox News and Fox Business. Morgan's landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program, the Senior Law Enforcement Advisor for the 2012 Republican National Convention, taught behavioral analysis at the National Security Agency and spent a year teaching the FBI how to conduct internet investigations. In addition to 18 years in state and local law enforcement as a highly decorated state trooper and detective, Morgan has developed solutions in defense, justice and intelligence for the largest technology companies in the world including Cisco, SAIC, Unisys and Alcatel-Lucent/Bell Labs.

  • speaker photo
    Stan Shollenbarger
    Sr. Information Security Analyst, Veterans United Home Loans
  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Amber Cole
    Sr. Special Agent, Cyber Crime Unit, United States Secret Service
  • speaker photo
    Josh Bryant
    Network Intrusion Forensic Analyst, United States Secret Service
  • speaker photo
    Brian Wasko, Moderator
    Principal Security Program Manager, Microsoft
  • speaker photo
    Carraig Stanwyck
    VP / Global CISO, Avnet
  • speaker photo
    Isaac Hannagan
    Sr. Solutions Architect, ReliaQuest

    Isaac Hannagan is a security professional with nearly a decade of experience spanning SIEM and the security industry supporting, architecting, and scaling solutions and services. Isaac has spent several years working in the SIEM vendor space supporting LogRhythm’s strategic enterprise environments as a Technical Account Manager before helping grow the Professional Services organization. Today Isaac is a Sr. Sales Engineer at ReliaQuest partnering with practitioners to identify visibility gaps, security risks, and opportunities to improve DIR lifecycle across technologies, platforms, and infrastructure.

  • speaker photo
    Jason Cradit
    CIO / CTO, Summit Carbon Solutions

    Jason Cradit is a highly-skilled technology executive with a passion for creating innovative solutions in the energy and utilities industry. For two decades, Jason has helped companies use technology to streamline their processes, reduce costs, and increase efficiencies by challenging the status quo and leading teams to set higher bars with modern technologies. He is a versatile executive with experience as a software solutions leader, consultant, and operator. Jason's academic journey includes a bachelor's degree in business management from Baker University, a master's in computer science from the University of Kansas, and a master’s in business administration from Rockhurst University. Additionally, he holds many industry certifications such as CISSP, CCSP, AWS Architect, Azure Architect, and many more.

  • speaker photo
    Rodney Pattison
    Sr. Security Architect, Capgemini

    Executive with multi-industry and multi-national IT service delivery experience. Global consulting background with expert level understanding and experience in IT strategy & governance, directing large, complex change initiatives. Business advisor developing lasting relationships by taking responsibility for customer satisfaction and conveying firm understanding of customer’s business drivers. Proven ability in information security & risk, financial management, service planning & architecture, infrastructure & operations supporting 24x7x365 uptime, and personnel development.

  • speaker photo
    Rob Arnold, Moderator
    Director of Information Security & Privacy Officer, Children International

    Rob Arnold is Director of Information Security at Children International, where his job is protecting the data and systems we use to fight to end global poverty. Twenty-eight years of working in Information Technology in the public and private sector has given Rob the conviction that successful outcomes happen when you don’t let the technology overshadow the people and the process.

  • speaker photo
    Franklin Edwards
    Director, Solutions Architect, Deepwatch
  • speaker photo
    Sean Boulter
    Principal Security Engineer, Salt Security

    Sean Boulter is a technical leader with Salt Security where he helps his customers protect their APIs from abuse and keep their customers’ data secure. His career in IT and consulting spans three decades and covers a wide variety of infrastructure platforms and several industries including fintech, finserv, insurance, healthcare, medtech, and retail. He lives in the Minneapolis area with his wife, and shares a passion for bicycling and wilderness expeditions with his two grown children.

  • speaker photo
    Rueben Rodriguez
    Sr. Director, Product Marketing , Recorded Future
  • speaker photo
    Scott Deluke
    Enterprise Sr. SE Manager, Abnormal Security
  • speaker photo
    Moderator: Shawn Knaebel
    Director of Information Security | CISO, Uniti Group Inc.
  • speaker photo
    Moderator: Maria Singh
    Women in Security KC, President

    With more than 10 years of experience in the telecommunications industry & specifically 6 years in the Cybersecurity space. Experienced, thought leader, cybersecurity professional with operational experience in building successful processes and leading projects in vulnerability scanning, vulnerability management, access management, privacy and cyber defense of the network to threat intelligence to ensure the security posture of the company's critical assets and resources.

  • speaker photo
    Moderator: Jennifer Harmon
    Information Security Analyst, Ascend Learning

    Superior problem-solving skills and experience securing complex systems. A skilled Incident Manager of hosted systems with an emphasis on supporting both Linux and Windows Operating Systems secure availability.

  • speaker photo
    Jonathan Brito
    Manager, Third-Party Risk Management, Synctera

    Jonathan Brito oversees Third-Party Risk Management at Synctera. Synctera connects community banks with FinTechs, allowing the bank to grow and the FinTech to launch quickly. Our processes streamline day-to-day processes like reconciliation, operations, and regulatory compliance for FinTech Banking. Jonathan Brito possesses over a decade of experience implementing, executing, and evolving third-party risk management programs for international and leading regional banks. Prior to joining Synctera, Jonathan led as the Manager of the Vendor Risk Assessment Center for the world’s 16th largest global bank. He also holds industry certifications as a Certified Information Systems Auditor (CISA) and a Certified Data Privacy Solutions Engineer (CDPSE).

  • speaker photo
    Alexandra Panaretos
    Americas Lead for Human Cyber Risk and Education, EY

    With a background in broadcasting and operational security, Alex specializes in secure communications and education, awareness program development, the psychology of social engineering, human-based risk mitigation, and behavior analytics. She has over 12 years of experience developing and implementing security awareness, communication, and education strategies in Fortune 50/100 companies and other global enterprises. Alex is OPSEC Manager II Certified by the U.S. Army and the Joint Information Operations Warfare Center (JIOWC). She volunteers with local law enforcement agencies educating parents, community groups, and youth organizations on information security and social media safety in her free time.

  • speaker photo
    Jim Chrisos
    Principal Engineer, Exabeam

    Jim officially started working in security as an analyst at a large MSSP. This experience enabled him to gain employment at large global organizations as an analyst before becoming an incident handler. It was in his capacity as an incident handler where he witnessed, first hand, nation state attacks. This left such a profound impact on Jim that he wanted to do whatever he could to assist other organizations defend against this threat. An opportunity arose that introduced a career change and ensuing uncertainty for Jim, now a seasoned incident handler. Jim took this chance with a small, unknown startup named FireEye and got into sales. Jim has been a sales engineer since that time and has not looked back. Jim is proud to call Exabeam home today where he is able to cater to incident handlers and security teams to help them defend themselves on the Internet. Jim has his father to thank for introducing him to InfoSec and also Cliff Stoll for the inspiration to become an incident handler. Other interests of Jim include collecting certifications, computers, cars and things that fly. He holds industry certifications including CISSP, GCIH, GCFA and Security+.

  • speaker photo
    Randy Raw
    CISO, Veterans United Home Loans

    Randy Raw is Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

  • speaker photo
    Jason Cradit
    CIO / CTO, Summit Carbon Solutions

    Jason Cradit is a highly-skilled technology executive with a passion for creating innovative solutions in the energy and utilities industry. For two decades, Jason has helped companies use technology to streamline their processes, reduce costs, and increase efficiencies by challenging the status quo and leading teams to set higher bars with modern technologies. He is a versatile executive with experience as a software solutions leader, consultant, and operator. Jason's academic journey includes a bachelor's degree in business management from Baker University, a master's in computer science from the University of Kansas, and a master’s in business administration from Rockhurst University. Additionally, he holds many industry certifications such as CISSP, CCSP, AWS Architect, Azure Architect, and many more.

  • speaker photo
    Britney Kennedy
    Global BISO & Director of Business Partnership, Cardinal Health

    Britney began the first decade of her security career in the U.S. Army where she managed over 90 teams and traveled to assess the security of international government partners. She oversaw the Information Security Department for AMC Theatres where she was responsible for the development and implementation of the global strategy. She has since transitioned to Cardinal Health, initially leading Cyber Operations and now performing as the Director of Information Security Business Partnerships, providing Business Support, Security Awareness, and Compliance Operations across the Globe. Britney is a certified CISSP, CISM, PMP, SSAP. and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics and an MS in Cybersecurity. Britney was also named an IT Security Power Player by SC Magazine and named as the Security Professional of the Year by ASIS Kansas City Chapter in 2020.

  • speaker photo
    Yaron Levi
    CISO, Dolby Laboratories

    Yaron Levi is the CISO for Dolby Laboratories. Prior to joining Blue KC, he was CISO of Blue Cross and Blue Shield of Kansas City; a Director of Information Security for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; and a Director of Cloud Security for ANX. Yaron is a Research Fellow for the Cloud Security Alliance, serves as an advisory board member for several information security companies, and is co-founder of the Kansas City CISO forum. He graduated from the FBI CISO academy in 2018, and currently serves on the board of InfraGard KC.

  • speaker photo
    Eric Walters
    Director, Cybersecurity & IT Infrastructure, Burns & McDonnell

    A seasoned information technology leader with over 25 years of information security experience. Capable of translating low level security details into executive level business decisions. Believes good compliance does not mean good security, nor does good security mean good risk management. Passionate for employee development. Experience includes healthcare cross-disciplinary compliance and privacy, software development, information security program management, cyber security managed services, federal government IT cloud deployments, global transition operations, and 20 years in the military.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes